VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202204-0269 CVE-2022-20726 Cisco Iox Security hole CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco Iox is a secure development environment from Cisco (Cisco) that combines Cisco IOS and Linux OS for secure network connection and development of IOT applications. A security vulnerability exists in the Cisco Iox application hosting environment that stems from insufficient error handling of socket operations. An attacker could exploit the vulnerability by sending a sustained rate of compressed TCP traffic to the IOx web server on an affected device. Successful exploitation of this vulnerability could allow an attacker to cause the IOx web server to stop processing requests, resulting in a DoS situation. The following products and versions are affected: Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway
VAR-202204-1513 CVE-2022-20693 Cisco IOS XE  in software  OS  Command injection vulnerability CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges. (DoS) It may be in a state. Cisco IOS XE Software is an operating system of Cisco (Cisco). A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity
VAR-202204-0264 CVE-2022-20727 Cisco IOS XE Software Path traversal vulnerability CVSS V2: 7.2
CVSS V3: 6.7
Severity: MEDIUM
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory
VAR-202204-1620 CVE-2022-20677 Cisco IOS XE Encryption problem vulnerability CVSS V2: 7.2
CVSS V3: 6.7
Severity: MEDIUM
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory
VAR-202204-0262 CVE-2022-20721 Cisco IOx  Path Traversal Vulnerability in Application Hosting Environments CVSS V2: 6.8
CVSS V3: 4.9
Severity: MEDIUM
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOx A path traversal vulnerability exists in application hosting environments.Information may be obtained. Cisco Iox is a secure development environment from Cisco (Cisco) that combines Cisco IOS and Linux OS for secure network connection and development of IOT applications. An attacker could exploit this vulnerability by sending a crafted command request using the API. Successful exploitation of this vulnerability could allow an attacker to read the contents of any file on the host device's file system. The following products and releases are affected: Cisco ASR, Cisco Catalyst, IOS by Cisco, IOS XE, Cisco Router
VAR-202204-0268 CVE-2022-20720 Cisco IOx  Link Interpretation Vulnerability in Application Hosting Environments CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOx A link interpretation vulnerability exists in application hosting environments.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202204-0278 CVE-2022-20697 Cisco IOS  software and  Cisco IOS XE  Vulnerability of lack of releasing resources after valid lifetime in software CVSS V2: 6.8
CVSS V3: 8.6
Severity: HIGH
A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this vulnerability by sending a large number of HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition
VAR-202204-0261 CVE-2022-20723 Cisco IOS XE Path traversal vulnerability CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory
VAR-202204-0522 CVE-2022-20683 Cisco IOS XE  Out-of-bounds write vulnerability in software CVSS V2: 7.8
CVSS V3: 8.6
Severity: HIGH
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient packet verification for traffic inspected by the AVC feature. An attacker could exploit this vulnerability by sending crafted packets from the wired network to a wireless client, resulting in the crafted packets being processed by the wireless controller. A successful exploit could allow the attacker to cause a crash and reload of the affected device, resulting in a DoS condition. Cisco IOS XE An out-of-bounds write vulnerability exists in the software.Service operation interruption (DoS) It may be in a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment. Cisco IOS XE AVC-FNF has a denial-of-service vulnerability. Attackers can exploit this vulnerability to cause a denial of service
VAR-202204-0265 CVE-2022-20724 Cisco IOx  Race condition vulnerability in application hosting environments CVSS V2: 7.6
CVSS V3: 5.3
Severity: MEDIUM
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOx A race condition vulnerability exists in the application hosting environment.Information may be tampered with. Cisco Iox is a secure development environment from Cisco (Cisco) that combines Cisco IOS and Linux OS for secure network connection and development of IOT applications. An attacker could exploit this vulnerability by continually attempting to call the upload API, and if the call occurs at the same time as an authorized administrator deploying the application, the attacker could contend for a token and be granted the ability to bypass authentication. Successful exploitation of this vulnerability could allow an attacker to bypass authentication. The following products and releases are affected: Cisco ASR, Cisco Catalyst, IOS by Cisco, IOS XE, Cisco Router
VAR-202204-1420 CVE-2022-20679 Cisco IOS XE  Input validation vulnerability in software CVSS V2: 6.8
CVSS V3: 7.7
Severity: HIGH
A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to buffer exhaustion that occurs while traffic on a configured IPsec tunnel is being processed. An attacker could exploit this vulnerability by sending traffic to an affected device that has a maximum transmission unit (MTU) of 1800 bytes or greater. A successful exploit could allow the attacker to cause the device to reload. To exploit this vulnerability, the attacker may need access to the trusted network where the affected device is in order to send specific packets to be processed by the device. All network devices between the attacker and the affected device must support an MTU of 1800 bytes or greater. This access requirement could limit the possibility of a successful exploit. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment
VAR-202204-0277 CVE-2022-20758 Cisco IOS XR  Software vulnerabilities CVSS V2: 7.1
CVSS V3: 6.8
Severity: MEDIUM
A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the incorrect processing of a BGP update message that contains specific EVPN attributes. An attacker could exploit this vulnerability by sending a BGP update message that contains specific EVPN attributes. To exploit this vulnerability, an attacker must control a BGP speaker that has an established trusted peer connection to an affected device that is configured with the address family L2VPN EVPN to receive and process the update message. This vulnerability cannot be exploited by any data that is initiated by clients on the Layer 2 network or by peers that are not configured to accept the L2VPN EVPN address family. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP updates only from explicitly defined peers. For this vulnerability to be exploited, the malicious BGP update message must either come from a configured, valid BGP peer or be injected by the attacker into the affected BGP network on an existing, valid TCP connection to a BGP peer. Cisco IOS XR There are unspecified vulnerabilities in the software.Service operation interruption (DoS) It may be in a state
VAR-202204-0267 CVE-2022-20718 Cisco IOx  in an application hosting environment  OS  Command injection vulnerability CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOx The application hosting environment includes OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202204-0263 CVE-2022-20719 Cisco IOx  Path Traversal Vulnerability in Application Hosting Environments CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOx A path traversal vulnerability exists in application hosting environments.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202204-0857 CVE-2022-20682 Cisco IOS XE Wireless Controller  in software  NULL  Pointer dereference vulnerability CVSS V2: 7.8
CVSS V3: 8.6
Severity: HIGH
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to inadequate input validation of incoming CAPWAP packets encapsulating multicast DNS (mDNS) queries. An attacker could exploit this vulnerability by connecting to a wireless network and sending a crafted mDNS query, which would flow through and be processed by the wireless controller. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition
VAR-202204-0266 CVE-2022-20725 Cisco IOx  Cross-site scripting vulnerabilities in application hosting environments CVSS V2: 3.5
CVSS V3: 4.8
Severity: MEDIUM
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOx A cross-site scripting vulnerability exists in your application hosting environment.Information may be obtained and information may be tampered with
VAR-202204-1365 CVE-2022-22279 plural  SonicWALL  Product certification vulnerabilities CVSS V2: 4.0
CVSS V3: 4.9
Severity: MEDIUM
A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions. ** Not supported ** This is a vulnerability in an unsupported product. sra 1200 firmware, sra 4200 firmware, SMA210 firmware etc. SonicWALL The product contains authentication vulnerabilities.Information may be obtained
VAR-202204-0859 CVE-2021-41119 Wire Resource Management Error Vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a denial of service for a heavily used server. The issue has been fixed in wire-server 2022-03-01 and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to 2022-03-01, so that their backends are no longer affected. There are no known workarounds for this issue
VAR-202204-1361 CVE-2022-20717 Cisco SD-WAN vEdge Router  Vulnerability in resource allocation without restrictions or throttling in CVSS V2: 4.9
CVSS V3: 5.5
Severity: MEDIUM
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. Cisco SD-WAN vEdge Router Exists in a vulnerability in resource allocation without restrictions or throttling.Service operation interruption (DoS) It may be in a state
VAR-202204-0320 CVE-2021-40368 plural  SIMATIC  Buffer error vulnerability in the product CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-2 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-2 DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 417-4 DP V7 (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions < V10.1), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions < V8.2.3), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 V7 (All versions), SIPLUS S7-400 CPU 417-4 V7 (All versions). Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a Denial-of-Service condition. A restart is needed to restore normal operations. plural SIMATIC The product contains a buffer error vulnerability.Denial of service (DoS) It may be put into a state. The SIMATIC S7-400 CPU family is designed for process control in industrial environments. A denial of service vulnerability exists in Siemens SIMATIC S7-400 CPUs that could be exploited by an attacker to create a denial of service condition